Analysis
-
max time kernel
133s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
20/04/2024, 18:47
General
-
Target
2024-04-20_918299ec888e349dc7ace2a26571591b_icedid.exe
-
Size
422KB
-
MD5
918299ec888e349dc7ace2a26571591b
-
SHA1
5b5d1565961e6d36ed27a31ad77795a4253096a4
-
SHA256
95610c959be00863b0c1a24b6c3287da2a9d40a3ea1c78e41bf1763a0b38e543
-
SHA512
6f7026cd0b422d5c332230535d133cccd91effe30c3777aa264dc14a1724acfc86738d27b95629b938101763e21ae71721e49a6ecb889b5db57bf7df597fb0e8
-
SSDEEP
12288:fplrVbDdQaqdS/ofraFErH8uB2Wm0SX/Nr5FU:xxRQ+Fucuvm0a/
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-20_918299ec888e349dc7ace2a26571591b_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-20_918299ec888e349dc7ace2a26571591b_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\AutoPlay\Naming.exe"C:\Program Files\AutoPlay\Naming.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
422KB
MD5c5b8784113ec7d580397725b16acaee1
SHA1a2c8657ac12f89bf6ea6eb90c6acdd64b4d39816
SHA25621b54e3a2961f92d57649a02b85dc4357a4164dc959424dc7bff8ef02d5016ef
SHA512a179099183f60e918c63063a747f8080b5196c62f88f6cf66c3c76e6e08ad47fa561da9056ca9b671f84ebef73a9a4e10f5a4f8448f20eaef11c482f65a2dc41
-
Filesize
1.4MB
-
Filesize
1.4MB
-
Filesize
1.4MB
-
Filesize
1.4MB